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REMARKS 

I. INTRODUCTION 

Claims 1, 18-23, 25-33 and 35-37 are pending. Claims 1, 27, and 37 are independent claims. 
Claims 1, 27, and 37 are amended herein. The Office Action set forth the following grounds of 
rejection: 

1 . That claims 1 , 27, and 37 are allegedly directed to non-statutory 
subject matter and are therefore unpatentable under 35 U.S.C. §101; 

2. That claims 1, 19, 20, 24, 25-27, 29, 30, 34, 35, and 36 are allegedly 
unpatentable under 35 U.S.C. § 103(a) over United States Patent No. 6,367,009 
("Davis") in view of United States Patent No. 6,178,505 ("Schneider") in view of 
United States Patent No. 6,023,765 ("Kuhn"); 

3. That claims 21, 22, 31, 32, and 37 are allegedly unpatentable under 35 
U.S.C. § 103(a) over Davis in view of the Schneider and Kuhn and further in view of 
United States Patent Application No 2001/0020242 ("Gupta"); and 

4. That claims 18, 23, 28, and 33 are allegedly unpatentable under 35 
U.S.C. § 103(a) over Davis in view of Schneider and Kuhn and further in view of 
United States Patent No. 6,240,091 ("Ginzboorg"). 

The Office Action represents new grounds of rejection. 

In view of the following arguments, all claims are believed to be in condition for allowance 

over the references of record. Therefore, this response is believed to be a complete response to the 

Office Action. 1 Further, for any instances in which the Examiner took Official Notice in the Office 

Action, Applicants expressly do not acquiesce to the taking of Official Notice, and respectfully 

request that the Examiner provide an affidavit to support the Official Notice taken in the next Office 

Action, as required by 37 CFR 1.104(d)(2). 

II. SECTION 101 REJECTIONS (GROUND OF REJECTION NO. 1) 

The Examiner rejected each of independent claims 1, 27, and 37 under Section 101 "because 
they do not contain any form of computer hardware." (Office Action, page 3.) Applicants have 



1 As Applicant's remarks with respect to the Examiner's rejections are sufficient to overcome the present rejections, 
Applicant's silence as to assertions by the Examiner in the Office Action or certain requirements that may be applicable 
to such rejections (e.g., whether a reference constitutes prior art, motivation to combine references, assertions as to 
dependent claims, etc.) is not a concession by Applicant that such assertions are accurate or such requirements have 
been met, and Applicant reserves the right to analyze and dispute such assertions/requirements in the future. Further, 
Applicants do not necessarily agree with or acquiesce to the Examiner's characterizations of the scope and meaning of 
their claims. 
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followed the Examiner's suggestion at page 3 of the Office Action and have amended the 
independent claims to explicitly include the word "hardware." Accordingly, Applicants respectfully 
submit that the Section 101 rejection of all claims should be withdrawn. Further, in the event that 
the following arguments concerning the inapplicability of the cited references to the claims are 
deemed unpersuasive, the Examiner is nonetheless urged to enter the foregoing claim amendments 
and to withdraw the present Section 101 rejections, thereby narrowing the issues to be presented in 
an appeal. 

III. SECTION 103 REJECTIONS (GROUNDS OF REJECTION NOS. 2-4) 

Independent claim 1, rejected as allegedly unpatentable over Davis in view of Schneider and 

further in view of Kuhn, recites in part: 

a directory, coupled to the certificate authentication component, to 
maintain an account for each individual user, each account containing 
an access policy specifying at least one portion of the computer site to 
which the corresponding user is permitted access, each account further 
containing at least one of an internet protocol (IP) address and a 
certificate authorization method associated with the user . 

In addressing claims 24 and 34 in the Office Action (page 5), the Examiner alleged that "Schneider 

teaches the account containing an IP address." As argued in Applicants' paper dated January 22, 

2010 (page 9), while Schneider does make certain disclosures related to Internet protocol (IP) 

addresses, Schneider does not teach or suggest "each account further containing ... an Internet 

protocol (IP) address," much less "an internet protocol (IP) address . . . associated with the user." 

Further, contrary to allegations newly made by the Examiner (Office Action, page 2), Schneider 

does not teach or suggest an account containing "a certificate authorization method associated with 

the user," as recited in claim 1 . 

Schneider discloses "access filters" that use techniques "to determine the minimum amount 

[of security needed by a session]." (Schneider, column 18, lines 23-25.) When an access filter is 

implemented, a "trust level for a user is determined from the manner in which [an] access request 

identifies the user." (Id., column 18, lines 59-60.) Thus, an access filter may include a table 

containing, among other things, "minimum identification methods." (Id., column 19, lines 48-50.) 

One way for the user to be identified is by "the IP address or fully qualified domain name of the 

user's computer." (Id., column 19, lines 19-20.) In other words, Schneider teaches at most that IP 
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addresses may be included in access filters, but Schneider's access filters are not associated with 
individual users. In short, Schneider in no way teaches or suggests "an account for each individual 
user" that contains "an Internet protocol (IP) address . . . associated with the user." 

Consistent with his teachings regarding access filters, Schneider teaches that user IP 
addresses may be provided at most from user session information, and not from a user account. 
That is, Schneider discloses that users may be "identified by IP addresses" and may "appear in [a] 
display as ranges of IP addresses." {Id., column 23, lines 18-20.) Then, "users whose sessions have 
the source IP addresses listed" in the display may be added to a user group. {Id., column 23, lines 
30-33.) Thus, a user session, and not a user account, provides a user IP address in Schneider. 

The Examiner responded to the foregoing arguments, also made in Applicants' January 22, 
2010, paper, by asserting that "Schneider teaches a 'range' of IP addresses for each user." (Office 
Action, page 2.) Then the Examiner asserted, without any support, "that this still associates an IP 
address for a user." In short, the Examiner has admitted that Schneider does not disclose "an 
Internet protocol (IP) address . . . associated with the user." For at least this reason, the present 
rejection of claim 1 must be withdrawn. 

Further, the Examiner's response to the above argument that Schneider's "access filters" do 
not amount to "an Internet protocol (IP) address . . . associated with the user" was to assert that 
"Schneider teaches users are defined in 'information sets' in a database." (Office Action, page 2.) 
The Examiner further contended that "user information data sets 313" read on the "account" recited 
in claim 1 . However, Schneider's "information sets" are not in fact user account data but rather are 
business data to which users have access according to an access policy. {See, e.g., Schneider, 
column 12, lines 21-53.) Moreover, Schneider discloses simply that "[d]atabase 301 permits 
hierarchical definition of both user groups and information sets." As discussed above, user groups 
may be subject to access filters, but users are not identified according to IP addresses. Indeed, 
Schneider discloses a number of modes for identifying and authenticating a user, but none of these 
include associating a user with an IP address. {See Schneider, column 13, lines 1-28.) For at least 
these further reasons, the present rejection of claim 1 must be withdrawn. 

The Examiner also stated that he did "not believe the argument about sessions is relevant." 
(Office Action, page 2.) According to the Examiner, "[t]he session IP address, which is also the IP 
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address of the user, has previously been stored in a database that identifies the user, and then that 
user has been assigned to a group." (Office Action, page 2.) Applicants respectfully disagree that 
Schneider includes such a teaching or suggestion, or that such a teaching or suggestion applies to 
Applicants' claims. If the Examiner maintains the present rejection of claim 1 , the Examiner is 
respectfully requested to identify, in the next Office Action, the portion or portions of Schneider that 
allegedly discloses storing a session IP address associated with a user in a database. In addition, a 
user session providing an IP address to be compared against a range of IP addresses in an access 
filter would have meant that there was no need to store a particular user's IP address because the IP 
address was obtained from the user session. For at least these further reasons, the rejection of claim 
1 must be withdrawn. 

Finally, the Examiner argued that, alternatively, "Schneider also teaches that the database 
contains a certificate authorization method associated with the user as shown in Column 1 1 lines 1- 
55 (matching)." (Office Action, page 2.) However, Schneider simply teaches a certificate 
authorization method in which a certificate may include a description of a hypothetical user who 
may access certain data. Schneider's user groups may be defined according to "certificate matching 
criteria which define the values of the fields which a certificate that belongs to a member of a given 
user group must have." (Schneider, column 11, lines 52-56.) Schneider does not include any 
teaching or suggestion of a "certificate authorization method associated with the user" because 
Schneider teaches at most matching certificates to user groups, not users. Further, Schneider merely 
teaches such "matching" and does not teach or suggest that the user groups include a "certificate 
authorization method." In sum, Schneider in no way teaches or suggests "an account for each 
individual user" that includes a "certificate authorization method associated with the user" as 
required by claim 1 . For at least these further reason, the Examiner's rejection must be withdrawn. 

In sum, Schneider does not teach or suggest "each account further containing at least one of 
an Internet protocol (IP) address and a certificate authorization method associated with the user," as 
recited in claim 1 . Neither Davis nor Kuhn compensates for the deficiencies of Schneider. 
Therefore, claim 1 , and all claims depending therefrom, are in condition for allowance over the 
cited references at least for the foregoing reasons. 
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Independent claims 27 and 37 both recite "each account further containing at least one of an 
Internet protocol (IP) address and a certificate authorization method associated with the user." 
Therefore, these claims, and the claims depending from claim 27, are likewise in condition for 
allowance over the cited references at least for the foregoing reasons. 
IV. CONCLUSION 

In view of the above amendment, Applicants believe the pending application is in condition 
for allowance. Reconsideration and allowance are respectfully requested. 

It is believed that any fees associated with the filing of this paper are identified in an 
accompanying transmittal. However, if any additional fees are required, they may be charged to 
Deposit Account No. 18-0013, under Order No. 65632-0632. To the extent necessary, a petition for 
extension of time under 37 C.F.R. § 1.136 is hereby made, the fee for which should be charged 
against the aforementioned account. 
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